Legal
Privacy Policy
Last updated: 4 June 2026 · Effective immediately
1. Who We Are
Nantes Airport Transfers ("we", "us", "our") is a private hire and chauffeur service operating in Nantes, France and surrounding regions. We are the data controller responsible for the personal data collected through this website (nantes-airport-transfer.com) and during the booking process.
Contact: contact@nantes-airport-transfer.com | Tel: +33 7 66 66 62 60
2. Data We Collect
We collect only the data strictly necessary to provide our service:
- Identity: First and last name
- Contact: Phone number, email address
- Trip details: Pickup and drop-off addresses, date and time of transfer, flight number (for airport pickups)
- Passenger information: Number of passengers, child seat requirements
- Payment data: Handled exclusively by Stripe, Inc. We do not store card numbers or CVV codes on our servers. We receive a tokenised confirmation of payment.
- Technical data: IP address, browser type, pages visited (via anonymised analytics only)
- Communications: Any messages you send via WhatsApp, email or our contact form
3. How We Use Your Data
- To confirm, dispatch and execute your booked transfer (contractual necessity)
- To communicate with you before, during and after your journey
- To track your flight in real time and adjust driver arrival accordingly
- To process payment securely via our payment partner Stripe
- To comply with French tax, accounting and legal obligations
- To improve service quality through aggregated, anonymised analytics
We do not sell, rent or trade your personal data to any third party for marketing purposes.
4. Legal Basis for Processing (GDPR Art. 6)
- Contract performance (Art. 6.1.b): Processing your booking, dispatching a driver, executing the transfer
- Legal obligation (Art. 6.1.c): Tax records, invoicing
- Legitimate interest (Art. 6.1.f): Service quality analytics, fraud prevention
- Consent (Art. 6.1.a): Where you have expressly opted in to marketing communications
5. Payment Processing — Stripe
All card payments are processed by Stripe, Inc. (Stripe Payments Europe, Ltd — an EU-regulated entity). Stripe is PCI DSS Level 1 certified. When you enter card details, they are transmitted directly to Stripe's secure environment. We receive only a payment token and transaction status. Stripe's privacy policy is available at stripe.com/privacy.
6. Data Sharing
We share your data only to the extent necessary:
- Our drivers: Name, phone, pickup address, flight number — to execute your transfer
- Stripe: Payment processing
- Flight tracking services: Flight number only, to verify arrival times
- Legal authorities: Only when required by French law or a court order
7. Data Retention
- Booking records are kept for 5 years to meet French accounting obligations (Article L.123-22 Code de Commerce)
- Marketing consent records are kept for 3 years from the last interaction
- Technical logs are deleted after 12 months
8. Cookies
We use only strictly necessary cookies for session management and security. We do not use advertising or tracking cookies. Analytics, if any, is configured in anonymised mode (no cross-site tracking).
9. Your Rights Under GDPR
As a data subject in the EU/EEA, you have the right to:
- Access the personal data we hold about you (Art. 15)
- Rectify inaccurate data (Art. 16)
- Erasure ("right to be forgotten") where there is no legal obligation to retain (Art. 17)
- Restrict processing in certain circumstances (Art. 18)
- Data portability in a machine-readable format (Art. 20)
- Object to processing based on legitimate interest (Art. 21)
- Withdraw consent at any time without affecting prior processing
To exercise any of these rights, email us at contact@nantes-airport-transfer.com. We will respond within 30 days. If you are unsatisfied, you may lodge a complaint with the French supervisory authority: CNIL — www.cnil.fr.
10. Data Security
We apply appropriate technical and organisational measures to protect your data: HTTPS encryption, access controls, and secure storage. No online transmission is 100% secure; we minimise risk by limiting the data we collect and the number of people with access.
11. International Transfers
Your data is processed within the EU/EEA. Stripe operates under EU Standard Contractual Clauses and the EU–US Data Privacy Framework for any US-side processing.
12. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect any changes. Continued use of our service after an update constitutes acceptance of the revised policy.
← Back to home